Need help to know about ROOT DNS query
Joseph S D Yao
jsdy at tux.org
Sat Mar 26 13:04:51 UTC 2011
On Thu, Mar 17, 2011 at 07:50:41PM +0530, babu dheen wrote:
...
> Can anyone let me know whether company Internal DNS server should respond to ROOT DNS query. When i execute # dig . NS @my-company-name-server query I am getting complete response
>
> Let me know whether enabling ROOT DNS query is a security threat. For more informaton can you read and help us to securely configure our company internal Windows DNS server and its impact of disabling it.
>
...
Babu Dheen,
If you had a private internet with its own "root" name servers, and
supposedly no IP access to the public Internet except via proxied
firewalls, and you got this response, you would need to start looking
for leaks.
In your situation, where you are forwarding queries to the outside
world, this response is appropriate and necessary.
--
/*********************************************************************\
**
** Joe Yao jsdy at tux.org - Joseph S. D. Yao
**
\*********************************************************************/
More information about the bind-users
mailing list